Between September and November 2021, a previously unknown, money-driven threat group carried out a string of data theft and extortion operations against more than 40 organizations.
According to a study issued on December 10 by Accenture’s Cyber Research, Forensics and Response unit, a gang of cybercriminals known as Karakurt was first spotted in June 2021 and therefore can switch strategies and procedures to fit the targeted system. CIFR stated that,
Threat organizations are monetarily driven, opportunistic in character, and appear to be focusing on small enterprises or multinational subsidiaries instead of other massive hunting strategies.”
According to the group,
“Based on infiltration assessments to date, threat organizations have mainly centered on data breaches and consequent extortion, instead of highly catastrophic ransomware operations.”
North America accounts for 95% of threat incidents, with Europe accounting for the rest 5%. The most focused industries include professional services, healthcare, industrial, retail, tech, and entertainment. However, law enforcement agencies try their best to assist organizations to get rid of this issue but unfortunately due to following law enforcement operations, hackers such as Dark Side, BlackMatter, and REvil Karakurt try new methods to disrupt their operations.
Companies can switch on multi-factor authentication (MFA) to verify their accounts, block RDP on external devices, and update their system to the newest version in order to protect their data.